This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [patch] Error on setenv(..., NULL, ...)

On 11 Mar 2015 14:42, Rich Felker wrote:
> On Wed, Mar 11, 2015 at 01:25:46PM -0400, Mike Frysinger wrote:
> > On 11 Mar 2015 22:14, Siddhesh Poyarekar wrote:
> > > On Wed, Mar 11, 2015 at 04:38:09PM +0000, Szabolcs Nagy wrote:
> > > > no, this just says that NULL argument is undefined behaviour
> > > > 
> > > > this is not a bug in glibc and i don't think any change should be made
> > > 
> > > Fair enough, but if we ever decide to protect ourselves against such
> > > bad access, I'd be in favour of something more conservative like
> > > returning a blank string than returning an error.
> > 
> > if we agree it's undefined behavior, then can't we have fortification turn this 
> > into a build failure ?
> Not a build failure but a runtime trap. UB can't be caught at build
> time because it's only forbidden if the statement that results in UB
> is reached, and reachability is equivalent to the halting problem.

i don't think that nuance matters to fortification.  what i'm talking about 
is when gcc proves a NULL is used.  it already has a nonull warning so it can 
detect this.

Attachment: signature.asc
Description: Digital signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]